API tools faq
paste
unixfreaxjp

WORDPRESS WEB VULNS & GOT INFECTED SITES ON 2012, APRIL 19TH

unixfreaxjp
Apr 19th, 2012
241
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.01 KB | None | 0 0
raw download clone embed print report
  1. WORDPRESS WEB VULNS & GOT INFECTED SITES ON 2012, APRIL 19TH
  2. QUERRIED STRINGS: */wp-includes/* || */wp-content/*
  3. Source: http://www.malwareblacklist.com
  4. ------------------------------------------------------------------------------------------------
  5. Date URL Registrar IP ASN Hosting CN
  6. ------------------------------------------------------------------------------------------------
  7. 2012/04/19_08:11 und-noch.org/wp-content/uploads/2011/02/ugal1.jpg?%3F Red Orbit 82.197.130.40 13237 LAMBDANET CO... Germany
  8. 2012/04/19_07:19 youtu.it/wp-content/themes/Magnificent/js/superfish.js REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  9. 2012/04/19_07:18 youtu.it/wp-content/themes/Magnificent/js/jquery.easing.1.3.js REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  10. 2012/04/19_07:18 youtu.it/wp-content/themes/Magnificent/js/jquery.cycle.all.min.js REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  11. 2012/04/19_07:18 youtu.it/wp-content/themes/Magnificent/epanel/page_templates/js/fancybox/jquery.fancybox-1.3.4.pack.js?ver=1.3.4 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  12. 2012/04/19_07:18 youtu.it/wp-content/themes/Magnificent/epanel/page_templates/js/fancybox/jquery.easing-1.3.pack.js?ver=1.3.4 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  13. 2012/04/19_07:18 youtu.it/wp-content/plugins/contact-form-8/contact-form-7.js?ver=1.0.0 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  14. 2012/04/19_06:54 saltytours.is/wp-content/themes/dandelion_v2.6.2/ui/jquery-ui-1.8.13.custom.js - 93.95.224.121 44925 1984 EHF Iceland
  15. 2012/04/19_06:28 postoakfarm.org/wp-content/themes/EarthlyTouch/js/superfish.js Les Vahsholt... 69.89.21.68 46606 BLUEHOST INC... USA
  16. 2012/04/19_06:22 ozwiazkach.pl/wp-content/themes/Linepress/inc/js/superfish-1.4.8.js - 87.98.233.250 16276 OVH SYSTEMS Poland
  17. 2012/04/19_06:20 oneagleswingsfarm.org/wp-content/themes/Revoltz/core/js/jquery.base64.js GoDaddy.com ... 72.29.75.191 33182 HOSTDIME.COM... USA
  18. 2012/04/19_06:13 mriyatrade.com.ua/wp-content/themes/ElegantEstate/epanel/page_templates/js/fancybox/jquery.fancybox-1.2.6.pack.js?ver=1.3.2 - 193.169.188.64 21219 HOSTPRO Ukraine
  19. 2012/04/19_05:59 kazak-tili.kz/wp-content/plugins/contact-form-7/scripts.js?ver=2.4.3 - 92.47.29.12 9198 JSC KAZAKHTE... Kazakhstan
  20. 2012/04/19_05:52 januszkorczak.pl/wp-content/themes/eNews/epanel/page_templates/js/et-ptemplates-frontend.js - 212.85.116.188 12824 HOME.PL Poland
  21. 2012/04/19_05:42 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/slider.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  22. 2012/04/19_05:42 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/scriptaculous.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  23. 2012/04/19_05:42 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/prototype.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  24. 2012/04/19_05:41 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/effects.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  25. 2012/04/19_05:41 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/dragdrop.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  26. 2012/04/19_05:41 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/controls.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  27. 2012/04/19_05:41 gobeskidy.pl/wp-content/plugins/ajax-comments/scriptaculous/builder.js - 94.152.139.49 29522 KRAKOWSKIE E... Poland
  28. 2012/04/19_05:31 fabulousmasterpieces-blog.co.uk/wp-content/themes/supermassive/lib/scripts/mediaplayer/jwplayer.js - 188.65.115.129 35732 UK WEBHOSTIN... U.K.
  29. 2012/04/19_05:30 fabulousmasterpieces-blog.co.uk/wp-content/themes/supermassive/js/reflection.js - 188.65.115.129 35732 UK WEBHOSTIN... U.K.
  30. 2012/04/19_05:30 fabulousmasterpieces-blog.co.uk/wp-content/themes/supermassive/js/flashfix.js - 188.65.115.129 35732 UK WEBHOSTIN... U.K.
  31. 2012/04/19_05:30 fabulousmasterpieces-blog.co.uk/wp-content/themes/supermassive/js/custom.js - 188.65.115.129 35732 UK WEBHOSTIN... U.K.
  32. 2012/04/19_05:27 ekul.co.uk/wp-content/themes/Basic/epanel/page_templates/js/fancybox/jquery.fancybox-1.2.6.pack.js?ver=1.3.2 - 82.165.97.17 8560 1&1 INTERNET... Germany
  33. 2012/04/19_05:19 domainmeeting.pl/wp-content/themes/Chameleon/js/superfish.js - 89.161.250.16 12824 HOME.PL Poland
  34. 2012/04/19_05:19 documentare.org/wp-content/plugins/google-analyticator/external-tracking.min.js Protected Do... 188.215.55.36 34358 JUMP MANAGEM... Romania
  35. 2012/04/19_05:17 differentscene.co.uk/wp-content/themes/network/js/jquery.nivo.slider.js - 94.126.40.144 50056 ADVANTAGE IN... U.K.
  36. 2012/04/19_05:16 credit-cards-for-bad-credit.org/wp-content/themes/twentyeleven/js/html5.js WhoisGuard ... 65.60.41.26 32475 SINGLEHOP IN... USA
  37. 2012/04/19_05:16 dainhan.info/wp-content/plugins/nextgen-gallery/js/ngg.slideshow.min.js?ver=1.05 Tran Thang L... 112.213.89.90 45544 PAVIETNAM CO... Vietnam
  38. 2012/04/19_05:07 cedaroncharles.com.au/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js - 64.13.192.127 31815 MEDIA TEMPLE... USA
  39. 2012/04/19_05:05 ca-photo.de/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js - 88.84.137.176 24989 EQUINIX (GER... Germany
  40. 2012/04/19_05:02 bicer.pp.ua/wp-content/plugins/nextgen-gallery/js/jquery.cycle.all.min.js - 93.170.48.24 15497 ALFA TELECOM... Ukraine
  41. 2012/04/19_05:01 bayu.my/wp-content/themes/et_Webly/js/jquery.cycle.all.min.js - 79.170.40.233 31727 HEART INTERN... U.K.
  42. 2012/04/19_04:53 arenarentacar.rs/wp-content/themes/Chameleon/epanel/shortcodes/js/et_shortcodes_frontend.js?ver=1.7 - 194.9.94.203 39570 LOOPIA AB Sweden
  43. 2012/04/19_04:47 afyondsyb.org/wp-content/themes/ecobiz/js/jquery.prettyPhoto.js Sabri CETING... 85.153.35.232 31365 SISTEM GELIS... Turkey
  44. 2012/04/19_04:45 acs45.rs/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js - 217.26.70.100 15982 DRUSTVO ZA T... Serbia
  45. 2012/04/19_07:19 youtu.it/wp-includes/js/l10n.js?ver=20101110 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  46. 2012/04/19_07:19 youtu.it/wp-includes/js/jquery/jquery.form.js?ver=2.73 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  47. 2012/04/19_07:19 youtu.it/wp-includes/js/comment-reply.js?ver=20090102 REGISTER-REG... 195.110.124.133 12363 DADANET ITAL... Italy
  48. 2012/04/19_06:41 robertster.pl/wp-includes/js/jquery/jquery.js - 89.161.220.30 12824 HOME.PL Poland
  49. 2012/04/19_06:38 recreation.ownmylife.co.za/wp-includes/js/comment-reply.js?ver=20090102 - 184.22.145.67 21788 NETWORK OPER... USA
  50. 2012/04/19_06:27 pimpmylife.co.uk/wp-includes/js/jquery/jquery.js?ver=1.4.2 - 83.245.63.205 33970 PACKETEXCHAN... U.K.
  51. 2012/04/19_06:14 myhamy.org/wp-includes/js/jquery/jquery.js myhamy.org P... 75.119.204.76 26347 NEW DREAM NE... USA
  52. 2012/04/19_05:21 dreamindiaholidays.co.in/wp-includes/js/jquery/jquery.js?ver=1.7.1 Vir Bikram K... 208.91.199.19 40034 CONFLUENCE N... Virgin Islands (British)
  53. ------
  54. ZeroDay Japan http://0day.jp
  55. OPERATION CLEANUP JAPAN | #OCJP
  56. Analyst: Hendrik ADRIAN アドリアン・ヘンドリック Malware Researcher VT/ twitter/google: @unixfreaxjp
  57. sponsored by: 株式会社ケイエルジェイテック http://www.kljtech.com
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!